Vyatta monitor and log NAT translation

Logging to record NAT translations. This might be helpful for finding users using bit torrent (along with tshark), or for watching what IPs are connecting to what external services, and when.

while true; do d=`date +%Y%m%d%H%M`; show nat translations detail | grep -v Pre-NAT | paste - - | sort -nk1 >nats.$d.log; sleep 5m; done;
# tail -1 nats.201408261250.log
a.a.a.a:21845    z.z.z.z:443     b.b.b.b:21845       z.z.z.z:443         tcp: snat: a.a.a.a ==> b.b.b.b  timeout: 42 use: 1 
share:

convert RSA key for apache to p12 key for Exchange 2010

Needed to do this to use a wildcard cert (GoDaddy) (CSR/key generated by openssl), on a new exchange 2010 deployment

openssl pkcs12 -export -certfile fordodone.com.crt -inkey fordodone.com.key -clcerts -out fordodone.com.key.p12

When importing to certificates, it complains that it doesn’t have any content, but after certutil repair store it seems to work. No time, movin on.

share: